Small Stack ECC Pairwise Consistency Test

1. Update the ECC PCT to use the key's heap to allocate any buffers for the test. This is similar to how RSA does it. 2. Put the buffers on the stack if not using small stack option.
2024-09-18 15:14:52 -07:00 · 2024-09-18 15:14:52 -07:00 · a81efc0f6f
parent b9908409d4
commit a81efc0f6f
1 changed files with 14 additions and 4 deletions
--- a/wolfcrypt/src/ecc.c
+++ b/wolfcrypt/src/ecc.c
@ -10211,23 +10211,31 @@ static int _ecc_pairwise_consistency_test(ecc_key* key, WC_RNG* rng)
    }

    if (!err && (flags & WC_ECC_FLAG_DEC_SIGN)) {
+#ifndef WOLFSSL_SMALL_STACK
+        byte sig[MAX_ECC_BYTES + WC_SHA256_DIGEST_SIZE];
+#else
        byte* sig;
+#endif
        byte* digest;
        word32 sigLen, digestLen;
        int dynRng = 0, res = 0;

        sigLen = (word32)wc_ecc_sig_size(key);
        digestLen = WC_SHA256_DIGEST_SIZE;
-        sig = (byte*)XMALLOC(sigLen + digestLen, NULL, DYNAMIC_TYPE_ECC);
+#ifdef WOLFSSL_SMALL_STACK
+        sig = (byte*)XMALLOC(sigLen + digestLen, key->heap, DYNAMIC_TYPE_ECC);
        if (sig == NULL)
            return MEMORY_E;
+#endif
        digest = sig + sigLen;

        if (rng == NULL) {
            dynRng = 1;
-            rng = wc_rng_new(NULL, 0, NULL);
+            rng = wc_rng_new(NULL, 0, key->heap);
            if (rng == NULL) {
-                XFREE(sig, NULL, DYNAMIC_TYPE_ECC);
+#ifdef WOLFSSL_SMALL_STACK
+                XFREE(sig, key->heap, DYNAMIC_TYPE_ECC);
+#endif
                return MEMORY_E;
            }
        }
@ -10248,7 +10256,9 @@ static int _ecc_pairwise_consistency_test(ecc_key* key, WC_RNG* rng)
            wc_rng_free(rng);
        }
        ForceZero(sig, sigLen + digestLen);
-        XFREE(sig, NULL, DYNAMIC_TYPE_ECC);
+#ifdef WOLFSSL_SMALL_STACK
+        XFREE(sig, key->heap, DYNAMIC_TYPE_ECC);
+#endif
    }
    (void)rng;